During the course of operations, a directory service domain can be migrated to another domain. When a directory service domain migrates, the directory service assigns a new SID (Security Identifier) to each user and group from that domain. The original SID of each migrating user or group is added to an attribute called sIDHistory. Thus, sIDHistory attribute keeps track of all the previous SIDs of an object as it migrates from one domain to another.

When Data Insight scans a directory service domain, it fetches the sIDHistory attribute of all the users and groups. If Data Insight finds a user, say A, whose SID is present in the history of another user, say B, it knows that user A has migrated to user B. If user B is itself not contained in the sIDHistory of any other object in the directory service, Data Insight marks B as the latest user that user A has migrated into. Consequently, user A's LatestSID custom attribute points to user B on the Data Insight console. The LatestSID custom attribute links a user or group to its newest migrated version.

While Data Insight scans configured domains, it automatically adds a domain called MigratedSIDs. This domain is used to collect SIDs that are present in sIDHistory of some user or group, but do not belong directly to any object in Data Insight.

For example, if a user test_user in domain test_domain has the SID S-X-X-X-X in the sIDHistory, and there is no user in any directory service domain scanned by Data Insight with that SID, then Data Insight adds a new user test_user#1 in the MigratedSIDs domain with SID S-X-X-X-X and it sets the user's LatestSID custom attribute to test_user@test_domain. When Data Insight adds multiple SIDs from sIDHistory of a user or group to MigratedSIDs domain, it suffixes the display name of the object with #1, #2, #3.

Data Insight considers the new SID and the SID history of the user to compute the effective permissions and to display user activity information. When Data Insight calculates effective permissions of a user that has some SID in the sIDHistory, it also adds explicit permissions of all the SIDs in the history. For example, if a user A in domain D1 has migrated into user B in domain D2. User A has read permissions on a folder test while user B has write permissions on it, Data Insight shows user B as having both read and write permissions on folder test.